<?php
    session_start();
    
    $username = "pocketgames_dk";
    $password = "mHiRL4bV";
    $hostname = "pocketgames.dk.mysql";
    $db_name="pocketgames_dk";
    $tbl_name="Users";
    
    // Connect to server and select databse.
    mysql_connect("$hostname", "$username", "$password") or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");
    
    // username and password sent from form
    $myusername=$_POST['myusername'];
    $mypassword=$_POST['mypassword'];
    
    // To protect MySQL injection (more detail about MySQL injection)
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT * FROM $tbl_name WHERE user='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    
    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1){
        
        // Register $myusername, $mypassword and redirect to file "login_success.php"
        $_SESSION['myusername'] = 'yes';
        header("location:ShowQuestions.php");
    }
    else {
        echo "Wrong Username or Password";
    }
?>